Negotiating Cyber Insurance

Assessing Worldwide Coverage

Sign up here for recording of Webinar.


Sign up here for more cyber insurance information

You are invited to a very special Webinar: Negotiating Cyber Insurance, with a focus on worldwide coverage issues. The Webinar is sponsored by the Emerging & Frontier Markets Association, Cyber Insurance Institute. The program will take place on March 1 at 11:00 AM EST and will last for 2 hours.

The Webinar will focus on the important terms and conditions of cyber policies that can have a significant impact on worldwide coverage. Even if you have insurance now, you will want to attend to see if your insurance fully covers possible incidents. For example, the program will help participants evaluate whether their current cyber insurance covers global liability such as for the EU's GDPR or other national requirements.


As if the risk of cyber attack on many different industries, ranging from financial, retail, hospitals and even law firms was not significant enough, many victims have found that they have been hit by a double whammy: a cyber incident and inadequate insurance coverage.

As one general counsel said, we thought we had insurance, but property, professional liability and business disruption insurance turned out not to cover the full range of liability for a cyber hack, particularly on a worldwide basis.

Companies suffer an average of 17 malicious attacks and 12 sustained probes on a monthly basis. In fact there was a major attack from the Internet of Things during the week of November 6, 2016.


As data breach incidents and related cyber risks increase and gain publicity, and as government agencies become more actively involved in policing the corporate response, companies need to take a close look at the protections provided by cyber risk insurance policies.


The program will focus on the important terms and conditions of cyber policies that can have a significant impact on available coverage worldwide. Topics covered include:


Policy territory

  • Does the policy cover operations outside of the US?

  • Does the policy cover the EU's General Data Protection Regulation (GDPR) and other global requirements?

  • What is the global impact of cyber attacks?


Third-Party Liability

  • Coverage such as privacy liability coverage. This includes liability to the insured’s customers, clients and employees for breaches of their private information..

  • Regulatory actions. There is substantial variance among cyber policies regarding what coverage they provide for regulatory and other governmental actions.

  • Notification costs. There is an ever-increasing landscape of breach notification laws on a state-by-state basis. What control does the insurance company have over the notification process?


Other Third-Party topics

  • Crisis management.  

  • Transmission of viruses/malicious code.


First-Party Coverage, such as

  • Theft and fraud coverage

  • Forensic investigation

  • Network/business interruption

  • Extortion

  • Data loss and restoration


Other topics

  • What is the appropriate trigger language, and what defense does the insurance company have?

  • What is the coverage for acts and omissions of third parties?


Stephen Raptis (Manatt, Phelps & Phillips, LLP) 

Steve Raptis has two decades of experience handling complex insurance claims

on behalf of commercial policyholders.

Daniel Garrie (Law & Forensics LLC) Daniel is the editor in chief of the Journal of Law & Cyber Warfare, a fellow at the Ponemon Information Privacy Institute, and is on the Board of Advisors of several cybersecurity and technology start-ups. 

Heather Wilkinson (Willis Towers Watson) Heather is Vice President at Willis Towers Watson, with 10 years of experience, and is part of the Cyber and E&O practice team  

Jeffrey Batt (Marsh) Jeffrey is a Vice President in Marsh’s Cyber Practice / Cyber Center of Excellence, a national team of specialists.  In this capacity, he develops cyber risk management and transfer solutions for large domestic and global corporations.  

David C. Lashway (Baker & McKenzie)

David  leads Baker McKenzie’s global cybersecurity practice and is a partner in Washington, DC. His practice involves advising clients on complex internal investigations, as well as administrative, civil and criminal litigation matters.

The program will take place on March 1 and will last for 2 hours. Sign up here to attend Webinar. The program will also be recorded and can be

purchased here. 

Research Partners:


© 2017 by EFMA LLC Proudly created with

  • facebook
  • Twitter Clean
  • w-googleplus